...
In this noncompliant code example, a semicolon is used on the same line as an if statement.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
if (a == b); {
/* ... */
}
|
...
It is likely, in this example, that the semicolon was accidentally inserted.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
if (a == b) {
/* ... */
}
|
Risk Assessment
Errors of omission can result in unintended program flow.
Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
EXP15-C | High | Likely | Low | P27 | L1 |
Automated Detection
Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Astrée |
| empty-body | Fully checked | ||||||
| Axivion Bauhaus Suite |
| CertC-EXP15 | Fully implemented | ||||||
| CodeSonar |
| LANG.STRUCT.EBS | Empty branch statement | ||||||
| Helix QAC |
| C3109 | |||||||
| Klocwork |
| SEMICOL |
| LDRA tool suite |
| 11 S, 12 S, 428 S | Fully Implemented | ||||||
| Parasoft C/C++test |
| CERT_C-EXP15-a | Suspicious use of semicolon | ||||||
| PC-lint Plus |
| 721, 722 | Partially supported: reports missing body from if, for, or while with semi-colon immediately following predicate | ||||||
| Polyspace Bug Finder |
| CERT C: Rec. EXP15-C | Checks for semicolon on same line as for, if or while statement (rule fully covered) | ||||||
| PVS-Studio |
| V529, V715 | |||||||
| SonarQube C/C++ Plugin |
| S1116 | |||||||
| RuleChecker |
| empty-body | Fully checked |
Related Guidelines
| SEI CERT Oracle |
| Coding Standard for Java |
| MSC51- |
| J. Do not place a semicolon |
| immediately following an if, for, or while |
| condition | |
| ISO/IEC TR 24772:2013 | Likely |
| Incorrect Expression [KOA] | |
| MITRE CWE | CWE-480, Use of incorrect operator |
Bibliography
| [Hatton 1995] | Section 2.7.2, "Errors of Omission and Addition" |
...
...